package com.nebula.controller.portal;

import com.nebula.controller.BaseController;
import com.nebula.entity.Qa;
import com.nebula.entity.User;
import com.nebula.common.Const;
import com.nebula.service.IQaService;
import com.nebula.service.IUserService;
import com.nebula.service.impl.QaServiceImpl;
import com.nebula.service.impl.UserServiceImpl;
import com.nebula.util.MD5Util;
import org.apache.commons.lang3.StringUtils;

import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.*;

/**
 * @author CcccX
 */
@WebServlet(name = "ForgotController", urlPatterns = "/forgot")
public class ForgotController extends BaseController {

    private final IUserService userService = new UserServiceImpl();

    private final IQaService qaService = new QaServiceImpl();

    public String validateUser(HttpServletRequest request, HttpServletResponse response) {
        String username = request.getParameter("username");
        if (StringUtils.isBlank(username)) {
            request.setAttribute("errMsg", "用户名不能为空");
            return Const.FORWARD + "forgot.jsp";
        }
        User user = userService.findByUsername(username);
        if (StringUtils.isBlank(user.getId())) {
            request.setAttribute("errMsg", "用户名不存在");
            return Const.FORWARD + "forgot.jsp";
        }
        request.setAttribute("user", user);
        return Const.FORWARD + "/forgot?method=indexQuestion";
    }

    public String indexQuestion(HttpServletRequest request, HttpServletResponse response) {
        User user = (User) request.getAttribute("user");

        if (user.getQuestionOne() != 0
                && user.getQuestionTwo() != 0
                && user.getQuestionThree() != 0) {
            Integer[] ids = {user.getQuestionOne(), user.getQuestionTwo(), user.getQuestionThree()};
            List<Qa> qas = qaService.findByIds(ids);
            request.setAttribute("qaList", qas);
            return Const.FORWARD + Const.DEFAULT_URL + "forgot/qa-validate.jsp";
        }

        request.setAttribute("errMsg", "未设置安全问题，请联系管理员");
        return Const.FORWARD + "forgot.jsp";
    }

    public String validateQa(HttpServletRequest request, HttpServletResponse response) {
        String username = request.getParameter("username");
        String answer1 = request.getParameter("answer1");
        String answer2 = request.getParameter("answer2");
        String answer3 = request.getParameter("answer3");

        if (StringUtils.isBlank(username)) {
            request.setAttribute("msg", "非法请求");
            return Const.FORWARD + Const.MESSAGE_PAGE;
        }
        User user = userService.findByUsername(username);
        request.setAttribute("user", user);
        if (StringUtils.isBlank(answer1) || StringUtils.isBlank(answer2) || StringUtils.isBlank(answer3)) {
            request.setAttribute("errMsg", "请输入安全问题的答案");
            return Const.FORWARD + "/forgot?method=indexQuestion";
        }

        List<String> list = new ArrayList<>();
        list.add(answer1);
        list.add(answer2);
        list.add(answer3);
        request.setAttribute("answers", list);

        if (!user.getAnswerOne().equals(MD5Util.MD5EncodeUtf8(answer1.trim()))) {
            request.setAttribute("errMsg", "安全问题1答案错误");
            return Const.FORWARD + "/forgot?method=indexQuestion";
        }

        if (!user.getAnswerTwo().equals(MD5Util.MD5EncodeUtf8(answer2.trim()))) {
            request.setAttribute("errMsg", "安全问题2答案错误");
            return Const.FORWARD + "/forgot?method=indexQuestion";
        }

        if (!user.getAnswerThree().equals(MD5Util.MD5EncodeUtf8(answer3.trim()))) {
            request.setAttribute("errMsg", "安全问题3答案错误");
            return Const.FORWARD + "/forgot?method=indexQuestion";
        }


        return Const.FORWARD + Const.DEFAULT_URL + "forgot/reset-pwd.jsp";
    }

    public String resetPwd(HttpServletRequest request, HttpServletResponse response) {
        String userId = request.getParameter("userId");

        if (StringUtils.isBlank(userId)) {
            request.setAttribute("msg", "非法请求");
            return Const.FORWARD + Const.MESSAGE_PAGE;
        }

        String pwd = request.getParameter("pwd");
        String rePwd = request.getParameter("rePwd");

        User user1 = userService.findById(userId);
        request.setAttribute("user", user1);

        if (StringUtils.isBlank(pwd)) {
            request.setAttribute("errMsg", "请输入新密码");
            return Const.FORWARD + Const.DEFAULT_URL + "forgot/reset-pwd.jsp";
        }
        if (StringUtils.isBlank(rePwd)) {
            request.setAttribute("errMsg", "请输入确认密码");
            return Const.FORWARD + Const.DEFAULT_URL + "forgot/reset-pwd.jsp";
        }

        pwd = MD5Util.MD5EncodeUtf8(pwd.trim());
        rePwd = MD5Util.MD5EncodeUtf8(rePwd.trim());

        if (!pwd.equals(rePwd)) {
            request.setAttribute("errMsg", "两次密码不一致");
            return Const.FORWARD + Const.DEFAULT_URL + "forgot/reset-pwd.jsp";
        }

        User user = new User();
        user.setId(userId);
        user.setPassword(pwd);
        try {
            userService.update(user);
            return Const.REDIRECT + "login.jsp";
        } catch (Exception e) {
            e.printStackTrace();
            request.setAttribute("errMsg", Const.PROGRAM_EXCEPTION);
            return Const.FORWARD + Const.DEFAULT_URL + "forgot/reset-pwd.jsp";
        }
    }
}
